<?php
namespace App\Http\Middleware;

use Closure;

class CorssMiddleware
{
    /**
     * 跨域处理
     */
    public function handle($request, Closure $next)
    {
//        header("Access-Control-Allow-Origin: *");
//        $headers = [
//            'Access-Control-Allow-Methods'=> 'POST, GET, OPTIONS, PUT, DELETE',
//            'Access-Control-Allow-Credentials'=> 'true',  //允许客户端发送cookie
//            'Access-Control-Allow-Headers'=> 'Content-Type, X-Auth-Token, Origin'
//        ];
//        $response = $next($request);
//        foreach($headers as $key => $value)
//            $response->header($key, $value);
//        return $response;
        header('Access-Control-Allow-Origin: *');
        header("Access-Control-Allow-Credentials: true");
        header("Access-Control-Allow-Methods: GET,POST,OPTIONS,DELETE,PUT");
        header("Access-Control-Allow-Headers: Content-Type, X-Auth-Token, Origin");
        if ($request->getMethod() == 'OPTIONS') {
            return response('');
        }
        return $next($request);
    }
}